IACA Dark Web Investigation Support
Provided by International Anti Crime Academy (IACA) The Netherlands
https://iaca-darkweb-tools.com/
#Threat_Intelligence
assembly programming with focus on Windows
credits : Siew Yi Liang
https://sonictk.github.io/asm_tutorial/
Windows Secrets Extraction: A Summary
synacktiv😍
https://www.synacktiv.com/publications/windows-secrets-extraction-a-summary
Windows Pwnable Study from
SeungHyun Lee (a.k.a. "Xion")
https://github.com/leesh3288/WinPwn
https://github.com/FULLSHADE/WindowsExploitationResources
How to Learn Binary Exploitation Roadmap
Courses: pwn.college and Nightmare: Roppers Remix
https://www.hoppersroppers.org/roadmap/training/pwning.html
Reverse engineering blogs and others
https://xn--qckyd1c.xn--w8je.xn--tckwe/2021/10/02/Reverse-Engineering-Roadmap/
Forwarded from Reverse Dungeon
Windows exploitation by Fu11Shade
https://web.archive.org/web/20200506122824/https://fullpwnops.com/windows-exploitation-pathway.html
Understanding_the_LFH.pdf
Low fragmentation heap
Blackhat USA 2010
Chris Valasek
X-Force Researcher
cvalasek@gmail.com
@nudehaberdasher
TD-LTE Irancell modem TK-2510 can be hacked/unlocked!? | Hardware Hack Part 1
Credit : saeed haghi-pour
Language: Persian
https://sisoog.com/2024/02/28/irancell-td-lte-modem-tk-2510-can-be-hacked-unlocked/
TD-LTE Irancell modem TK-2510 can be hacked/unlocked!? | Hardware Hack Part 2
Credit : saeed haghi-pour
Language: Persian
https://sisoog.com/2024/03/24/the-second-part-of-hardware-hacking/
Exploiting the libwebp Vulnerability, Part 2: Diving into Chrome Blink
https://www.darknavy.org/blog/exploiting_the_libwebp_vulnerability_part_2/
Table of contents
Chapter 1: The Internal Language of Computers
Chapter 2: Combinatorial Logic
Chapter 3: Sequential Logic
Chapter 4: Computer Anatomy
Chapter 5: Computer Architecture
Chapter 6: Communications Breakdown
Chapter 7: Organizing Data
Chapter 8: Language Processing
Chapter 9: The Web Browser
Chapter 10: Application and System Programming
Chapter 11: Shortcuts and Approximations
Chapter 12: Deadlocks and Race Conditions
Chapter 13: Security
Chapter 14: Machine Intelligence
Chapter 15: Real-World Considerations
A Syscall Journey in the Windows Kernel
https://alice.climent-pommeret.red/posts/a-syscall-journey-in-the-windows-kernel/
R 3.4.4 (Windows 10 x64) - Buffer Overflow SEH (DEP/ASLR Bypass)
https://www.ired.team/offensive-security/code-injection-process-injection/binary-exploitation/seh-based-buffer-overflow
https://www.exploit-db.com/exploits/47122
In less than a couple of days, the first fixes for the 0-days discovered as part of the Pwn2Own Vancouver 2024 hacking competition have rolled out.
The first deals with an out-of-bounds (OOB) write (CVE-2024-29943) for remote code execution, and the second with a Mozilla Firefox sandbox escape via an untrusted function (CVE-2024-29944).
Mozilla says the first vulnerability could allow attackers to access a JavaScript object out of bounds by exploiting range-based bounds checking elimination on affected systems.
An attacker was able to perform an out-of-range read or write to a JavaScript object by tricking the elimination of range-based bounds checking.
The second flaw is described as privileged execution of JavaScript via event handlers, which could allow an attacker to execute arbitrary code in the parent process of the Firefox Desktop web browser.
Mozilla has fixed security flaws in Firefox 124.0.1 and Firefox ESR 115.9.1, blocking potential remote code execution attacks that target unpatched browsers.
The speed is certainly encouraging, especially considering that after the Pwn2Own competition, vendors are usually in no hurry to release fixes, counting on a 90-day delay until Trend Micro's Zero Day Initiative reveals them publicly.
In addition to Mozilla Firefox, the researcher also successfully uncovered Apple Safari, Google Chrome and Microsoft Edge, whose suppliers are now also analyzing the essence of the problems and preparing their patches.
https://www.mozilla.org/en-US/security/advisories/mfsa2024-15/#CVE-2024-29943
Understanding the PE+ File Format
credit :allthingsida
[ 01 ] The Headers
[ 02 ] Imports
[ 03 ] Exports
[ 04 ] Entry Points and TLS Callbacks
———
@islemolecule_source